﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Dapper;
using IdentityModel;
using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
using Microsoft.AspNetCore.Builder;
using MySql.Data.MySqlClient;

namespace IdentityMiddleware
{
    public class Config
    {

        private static List<string> GetBSIIPClaim(MySqlConnection connection,string sql)
        {
            var result=connection.Query<string>(sql);
            return result.ToList();
        }

        public static IEnumerable<ApiResource> GetApiResources(MySqlConnection connection,string sql)
        {
            var claims = GetBSIIPClaim(connection,sql);
            claims.Add(JwtClaimTypes.Role);
            claims.Add(JwtClaimTypes.Name);
            claims = claims.Distinct().ToList();
            return new List<ApiResource>
            {
                
                //new ApiResource("api1", "My API",new List<string>(){ClaimTypes.Name,JwtClaimTypes.Role,"Area"}),
                new ApiResource("UserManager", "UserManager Scope",claims/*new List<string>(){ClaimTypes.Name,JwtClaimTypes.Role}*/),
                new ApiResource("BSIIP_Api", "BSIIP API",claims)/*{ UserClaims = { JwtClaimTypes.Role,JwtClaimTypes.Name,"NickName" } }*/,
            };
            
        }
        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                //new Client
                //{
                //    ClientId = "client1",

                //    // no interactive user, use the clientid/secret for authentication
                //    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
                //    // secret for authentication
                //    ClientSecrets =
                //    {
                //        new Secret("secret1".Sha256())
                //    },
                //    // scopes that client has access to
                //    AllowedScopes = { "api1",IdentityServerConstants.StandardScopes.OpenId,"ClaimsInfo" },
                //    AllowedCorsOrigins={"http://localhost:5001"},
                    
                //},
                new Client
                {
                    ClientId = "BSIIP",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
                    ClientSecrets =
                    {
                        new Secret("BSIIPsecret".Sha256())
                    },
                    // scopes that client has access to
                    AllowedScopes = { 
                        "BSIIP_Api",
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        IdentityServerConstants.StandardScopes.OfflineAccess,
                    },
                    AllowedCorsOrigins={"http://192.168.1.40:5001","http://192.168.1.40:5000","http://127.0.0.1:5001","http://localhost:5001","http://127.0.0.1:5000","https://localhost:5000","http://bts_api.e-rewin.com","http://bts_web.e-rewin.com","http://bts_api.e-rewin.com:5000","http://bts_web.e-rewin.com:5010","http://58.248.164.188:5000","http://58.248.164.188:5010","https://e-rewin.com:5000","http://e-rewin.com:5010","https://e-rewin.com:5005"},
                    AccessTokenLifetime=36000,
                    AllowOfflineAccess = true,
                    AlwaysSendClientClaims = true,
                    AlwaysIncludeUserClaimsInIdToken = true

                },
                new Client{
                    ClientId = "UserManager",
                    AllowedGrantTypes =GrantTypes.ResourceOwnerPasswordAndClientCredentials,
                    ClientSecrets =
                    {
                        new Secret("UserManagerSecret".Sha256())
                    },
                    AllowedScopes = { 
                        "UserManager",
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                    },
                    AllowedCorsOrigins={"http://192.168.1.40:5005","http://localhost:5005","http://127.0.0.1:5005","https://localhost:5000","http://bts_account.e-rewin.com","http://bts_account.e-rewin.com:5005","http://bts_account.e-rewin.com:5005","http://58.248.164.188:5005","https://bts_api.e-rewin.com:5000","https://e-rewin.com:5000","http://e-rewin.com:5010","https://e-rewin.com:5005"},
                },
                //new Client
                //{
                //    ClientId = "test",
                //    ClientName = "Test Client",
                //    AllowedGrantTypes = GrantTypes.Implicit,
                //    AllowAccessTokensViaBrowser = true,
                //    RedirectUris = { "http://localhost:5003/callback.html" },
                //    PostLogoutRedirectUris = { "http://localhost:5003/index.html" },
                //    AllowedCorsOrigins = { "http://localhost:5003" },
                //    AllowedScopes =
                //    {
                //        "api1",
                //        //IdentityServerConstants.StandardScopes.OpenId,
                //        //IdentityServerConstants.StandardScopes.Profile,
                //        "ClaimsInfo"
                //    },
                //}
            };
        }
        
        public static List<TestUser> GetUsers()
    {
        return new List<TestUser>
            {
                new TestUser
                {
                    SubjectId = "1",
                    Username = "alice",
                    Password = "password"
                },
                new TestUser
                {
                    SubjectId = "2",
                    Username = "bob",
                    Password = "password"
                }
            };
    }

        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            var customProfile = new IdentityResource(
                name: "custom.profile",
                displayName: "Custom profile",
                claimTypes: new[] { "name", "email", "status" });
            return new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                new IdentityResource
                {
                    Name = "ClaimsInfo",
                    DisplayName="ClaimsInfo",
                    Description="Show user Claims Info.",
                    UserClaims = new[]{JwtClaimTypes.Name},
                    ShowInDiscoveryDocument = true,
                    Required=true,
                    Emphasize = true
                },
                customProfile
            };
        }
    }
}
